Please push an updated build to resolve CVEs in busybox

Open dan-ih opened this issue 1 year ago • 0 comments

The below CVEs exist in busybox in the latest published image (1.2.0). Can you please publish an update to resolve these CVEs?

List

CVE-ID: CVE-2023-42364 Vulnerable Package: busybox Severity: MEDIUM URI: See https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42364 for more details Info: Upgrade to at least version(s): Alpine:v3.19 - 1.36.1-r17

CVE-ID: CVE-2023-42366 Vulnerable Package: busybox Severity: MEDIUM URI: See https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42366 for more details Info: Upgrade to at least version(s): Alpine:v3.16 - 1.35.0-r18 | Alpine:v3.17 - 1.35.0-r30 | Alpine:v3.18 - 1.36.1-r6 | Alpine:v3.19 - 1.36.1-r16

CVE-ID: CVE-2023-42365 Vulnerable Package: busybox Severity: MEDIUM URI: See https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42365 for more details Info: Upgrade to at least version(s): Alpine:v3.19 - 1.36.1-r17

CVE-ID: CVE-2023-42363 Vulnerable Package: busybox Severity: MEDIUM URI: See https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42363 for more details Info: Upgrade to at least version(s): Alpine:v3.19 - 1.36.1-r17

Jul 31 '24 17:07 dan-ih